Search Exploit

Ayukov NFTP FTP Client Buffer Overflow

This Metasploit module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD FTP Client 2.0 and earlier. By responding with a long string of data for the SYST request, it is possible to cause a denial-of-service condition on the FTP client, or arbitrary remote code execution under the context of the user if successfully exploited.

# It is important to use 0x20 (space) as the first chunk of the buffer, because this chunk # is visible from the user's command prompt, which would make the buffer overflow attack too # obvious. sploit = "\x20"*4116